Congressional Democrats raised alarms this week about the cybersecurity implications of Elon Musk gaining access to the Department of Treasury and Office of Personnel Management, particularly the risks associated with the rapid deployment of this access and an allegedly unsecured email server his team has used to send email blasts to federal employees.
In multiple letters, Democratic senators and representatives expressed concern about the level of access to sensitive systems that has been granted to Musk, a special government employee who does not have the same requirements to disclose conflicts of interest that many other federal employees have, and his team.
"It is extraordinarily dangerous to meddle with the critical systems that process trillions of dollars of transactions each year, are essential to preventing a default on federal debt, and ensure that tens of millions of Americans receive their Social Security checks, tax refunds, and Medicare benefits," said Sen. Elizabeth Warren, D-Mass., in
The system at issue is the payment system managed by the Bureau of the Fiscal Service, or BFS, part of the Department of the Treasury. The bureau acts as the federal government's checking account and payment rails, and it collects and disburses trillions of dollars each year in the form of tax debts and refunds, Social Security payments, federal employees' salaries and other transactions to which the federal government is a party.
The congresspeople said Musk's vast business interests in China, which they said raise the prospect of national security risks, create concerns about what he might do with access to BFS.
"An unelected, unaccountable billionaire — with expansive conflicts of interest, deep ties to China, and an indiscreet axe to grind against perceived enemies — is hijacking our nation's most sensitive financial data system and its checkbook,"
A Treasury official
The letter came from Jonathan Blum, principal deputy assistant secretary for the Treasury's office of legislative affairs, who took the job this month according to a LinkedIn page under his name. He spent three years in a similar role during Trump's first term.
"This is similar to the kind of access that Treasury provides to individuals reviewing Treasury systems, such as auditors, and that follows practices associated with protecting the integrity of the systems and business processes," Blum said.
In
Democratic lawmakers also expressed concern about the security implications of Musk's installation at the Office of Personnel Management of an allegedly unsecured email server that was used to send out test emails to millions of federal employees on Jan. 24.
"Just several days prior to the first test, OPM did not have the capability to email a distribution list of this scale," wrote Reps. Gerald Connolly, D-Va., and Shontel Brown, D-Ohio, in a letter to OPM. "Acquiring such a capability securely and in compliance with federal cybersecurity, privacy, and procurement laws would likely not have been possible in such a short time frame."
Later, on Jan. 28, federal employees
The email server installation enabled not just OPM but anybody to broadcast an email to tens of thousands of federal employees at the same time, according to journalist Ken Klippenstein, who
Connolly and Brown said in their letter the "inappropriate and spam email" was the result of a "lack of security and oversight associated with the new email system and data management practices."
Claire Williams contributed reporting.
